There has hitherto been an unauthorized access prevention device (refer to Japanese Patent Laid-Open Publication No. 2007-235662) including: an access right determining unit which determines, when receiving an ARP (Address Resolution Protocol)-based request via a network, whether a requester terminal of this ARP request is an authorized terminal or not; a PAUSE frame transmitting unit which transmits, when determining that the requester terminal is an unauthorized terminal, a PAUSE frame for stopping a transmission function of the unauthorized terminal over a preset period of time in the way of being addressed to at least one of the unauthorized terminal and the authorized terminal; and a spoofed ARP response unit which disables the communications with the authorized terminal by transmitting a spoofed ARP response against the ARP request to the unauthorized terminal during the period for which the PAUSE frame transmitting unit transmits the PAUSE frame.
Further, there has been also an IP terminal device (refer to Japanese Patent Laid-Open Publication No. 2008-118259) including: an ARP communication unit which broadcasts an ARP packet addressed to an IP address of a communication partner terminal and receives the ARP packet or an ARP response addressed to an IP address of a self-device; an ARP response unit which sends back the ARP response in response to the ARP packet given from the communication partner terminal; a MAC (Media Access Control) address communication unit which mutually receives a MAC address on the communication partner side when starting a session; and a packet communication unit which performs voice packet communications with the communication partner terminal by use of the MAC address on the communication partner side, in which the ARP response unit, upon receiving the MAC address on the communication partner side, stops sending back the ARP response in response to the ARP packet even when receiving the ARP packet addressed to the IP address of the self-device till the session is finished.
For example, in the case of cutting off the communications of a not-yet-authorized information processing device for the purpose of preventing an unauthorized use of the network, it is required that the information processing device connected to the network is managed by checking whether this information processing device is an already-authorized device or a not-yet-authorized device. This type of management has hitherto involved adopting a method of recording an identifier of the already-authorized information processing device in a whitelist and recording, if necessary, an identifier of the not-yet-authorized device in a blacklist.
According to the method of managing the information processing device by use of the list registered with the identifier of the information processing device, however, if a plurality of information processing devices having the same identifier is connected, it is difficult to identify (distinguish between) these information processing devices. Especially in the case of establishing the connection of the not-yet-authorized information processing device spoofed by the same identifier as the identifier of the already-authorized information processing device, it is difficult to determine whether the information processing device is the already-authorized device or the not-yet-authorized device by distinguishing between these information processing devices.